Security

Extras

Lloyds TSB 'Internet Banking Account Status' Phishing Scam

Outline
Email purporting to be from UK bank Lloyds TSB, and apparently signed by Lloyds own Digital Banking Director, explains how customers can benefit from using Intent banking and urges them to click a button to login and start using the service.

Brief Analysis
The email is not from Lloyds TSB. The message is a phishing scam designed to trick the bank's customers into handing over their personal and financial details to fraudsters.

You can use Internet Banking to pay your bills and manage all your transactions when it suits you.

One of the ways you can do this is by our faster payments service which allows you to make one off online payments. In most cases the money is available in the recipients bank account almost immediately.

You can also register for Lloyds TSB Bill Manager, which lets you view, pay and manage your bills - particularly popular with customers who bank online.

Manage Direct Debits and standing orders

Make credit card payments

Transfer money between your accounts

Order travel money.
You can use our online banking service knowing youl be protected by the latest online security technology. We even guarantee to refund your money in the unlikely event that you experience a fraud with Internet Banking.

So, log on today for the quick, easy way to make payments and control your finances around the clock.

Yours sincerely,

[Name Removed]
Digital Banking Director

Detailed Analysis
UK bank Lloyds TSB has been regularly targeted by phishing criminals, and I have written about such scam attempts several times before. As with other major banks, phishing attacks against Lloyds customers are ongoing. But, I thought it worthwhile to bring this version to the attention of readers because it is a comparatively sophisticated example of its kind.

The message, which describes the advantages offered by signing up for Internet banking, is quite well rendered and lacks the glaring spelling and grammatical errors that often characterize such scam attempts. The email comes complete with a Lloyds TSB logo and familiar green colour scheme. It even features the name and signature of the bank's real Digital Banking Director.

Thus, it is likely that at least a few of the people who receive one of these scam messages will be taken in and will click the "Take me to Internet Banking" button as advised. Alas, those who do take the bait and click will be transported to a site hosted in Serbia that has no connection whatsoever to Lloyds TSB. The scam victim will first be confronted with the following login page, which, like the email, is designed to mimic the real bank website:

After submitting login details and clicking "Continue" our hapless victim will be taken to another look-a-like scam page that contains the following form, which asks for personal and financial information:

But, of course, when our victim clicks the "Submit" button, all of the sensitive information entered can be transmitted to online criminals who will use it to hijack the victim's real account, and commit credit card fraud and identity theft.

In spite of a great deal of publicity, phishing still finds new victims every day. And while the tactic continues to work for them, criminals will continue to devise new cover stories designed to separate the unwary from their money and personal information.